8th Layer Insights

8th Layer Insights

Perry Carpenter | N2K Networks

Get ready for a deep dive into what cybersecurity professionals often refer to as the "8th Layer" of security: HUMANS. Welcome to 8th Layer Insights (8Li). This podcast is a multidisciplinary exploration into how the complexities of human nature affect security and risk. Author, security researcher, and behavior science enthusiast Perry Carpenter taps experts for their insights and illumination. Topics include cybersecurity, psychology, behavior science, communication, leadership, and more.

The FAIK Files | Holiday Special: AI Safety Update

The FAIK Files | Holiday Special: AI Safety Update

Note: We're posting Perry's new show, "The FAIK Files", to this feed through the end of 2024. This will give you a chance to get a feel for the new show and subscribe to the new feed if you want to keep following in 2025. Welcome back to the show that keeps you informed on all things artificial intelligence and natural nonsense. In our holiday episode, Mason opens a rather unique Christmas present from Perry, we invite a special guest to help explain the infamous "Paperclip Maximizer" thought ex

Dec 27, 2024 • 40:24

The FAIK Files | The Butcher Will Scam You Now

The FAIK Files | The Butcher Will Scam You Now

Welcome back to the show that keeps you informed on all things artificial intelligence and natural nonsense. Warning: today's episode gets a bit dark as we chat with seasoned prosecutor and founder of Operation Shamrock, Erin West, about a devastating combination of attacks known as "Pig Butchering" scams. We go deep into how they work and what we can do about them.Want to leave us a voicemail? Here's the magic link to do just that: https://sayhi.chat/FAIKYou can also join our Discord server her

Dec 20, 2024 • 1:01:23

The FAIK Files | AI Gone Wild: Worrisome Leaks, Misguided Conspiracies, and More

The FAIK Files | AI Gone Wild: Worrisome Leaks, Misguided Conspiracies, and More

Note: We're posting Perry's new show, "The FAIK Files", to this feed through the end of the year. This will give you a chance to get a feel for the new show and subscribe to the new feed if you want to keep following in 2025. Welcome back to The FAIK Files--- the show about artificial intelligence and natural nonsense!In this week's episode: Mason shares how ChatGPT became an unexpected hero in solving his home networking and studio challenges Perry dives into the mysterious case of "David Mayer

Dec 13, 2024 • 54:53

The FAIK Files | A Hunch about Hutch

The FAIK Files | A Hunch about Hutch

Note: We're posting Perry's new show, "The FAIK Files", to this feed through the end of the year. This will give you a chance to get a feel for the new show and subscribe to the new feed if you want to keep following in 2025. Welcome back to The FAIK Files— the show about artificial intelligence and natural nonsense!In this week’s episode: Mason has an update on last week's shocking story of Google Gemini’s alleged threats against a user. Is this a glitch, a hack, or something more sinister? We

Dec 6, 2024 • 53:36

The FAIK Files | Ep 1: Consciousness, Scams, & Death Threats

The FAIK Files | Ep 1: Consciousness, Scams, & Death Threats

Note: We're posting Perry's new show, "The FAIK Files", to this feed through the end of the year. This will give you a chance to get a feel for the new show and subscribe to the new feed if you want to keep following in 2025. Happy FAIKs-giving everyone! Welcome to the newly renovated and relaunched FAIK Files podcast. On this week's episode, Perry & Mason cover Anthropic's recent hiring of an employee focused on AI well-being, an AI grandmother from hell (for scammers), and Google's Gemini chat

Nov 29, 2024 • 52:24

THE FAIK FILES | Chapter 3: The Mindset and Tools of a Digital Manipulator

THE FAIK FILES | Chapter 3: The Mindset and Tools of a Digital Manipulator

This is Part Three of a ten-part miniseries exploring Perry Carpenter's latest book, FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions. Each episode kicks off with a dramatized reading of the "Whispers from the Static" vignette that opens the chapter, followed by an in-depth conversation with Perry Carpenter and Mason Amadeus, where they unpack the chapter's themes and real-world implications.Get the Book (Amazon Associate Link): FAIK: A Pract

Oct 7, 2024 • 30:41

THE FAIK FILES | Chapter 2: New Frontiers of Deception: AI and Synthetic Media

THE FAIK FILES | Chapter 2: New Frontiers of Deception: AI and Synthetic Media

This is Part Two of a ten-part miniseries exploring Perry Carpenter's latest book, FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions. Each episode kicks off with a dramatized reading of the "Whispers from the Static" vignette that opens the chapter, followed by an in-depth conversation with Perry Carpenter and Mason Amadeus, where they unpack the chapter's themes and real-world implications. Get the Book (Amazon Associate Link): FAIK: A Practi

Sep 30, 2024 • 28:41

THE FAIK FILES | Chapter 1: The Eternal Battle for the Mind

THE FAIK FILES | Chapter 1: The Eternal Battle for the Mind

This is Part One of a ten-part miniseries exploring Perry Carpenter's latest book, FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deceptions. Each episode kicks off with a dramatized reading of the "Whispers from the Static" vignette that opens the chapter, followed by an in-depth conversation with Perry Carpenter and Mason Amadeus, where they unpack the chapter's themes and real-world implications. Get the Book (Amazon Associate Link): FAIK: A Practi

Sep 30, 2024 • 31:07

Digital Mindhunters

Digital Mindhunters

In this conversation, Perry sits down with Dr. Bilyana Lilly to discuss her new book Digital Mindhunters (Coming Oct 30) and the intersection of cybersecurity, disinformation, and AI. She describes the narrative structure of her book, navigating a world of cyber threats and influence operations, and the evolving landscape of disinformation with AI amplifying threats. Dr. Lilly emphasizes the importance of awareness and education in combating misinformation and highlights the global threats posed

Sep 17, 2024 • 59:19

Let's talk Social Engineering

Let's talk Social Engineering

In this episode, Perry catches-up with Stephanie (Snow) & JC Carruthers. They talk about social engineering, the DEFCON Social Engineering Community / Village, and share their favorite (and most embarrassing) social engineering stories. Perry also gives a quick update on his recent exploits entering an AI chatbot into the Social Engineering Village CTF, speaking at the DEFCON AI Village, and the release of his new book, FAIK: A Practical Guide to Living in a World of Deepfakes, Disinformation, a

Sep 3, 2024 • 57:43

What About Ethics?

What About Ethics?

On this episode, Perry gets to sit down with Ed Skoudis to discuss the simplicity and complexities of cybersecurity ethics. Ed's new book is The Code of Honor: Embracing Ethics in Cybersecurity. Guest:Ed Skoudis (LinkedIn) (Twitter) (Website)Books and References: The Code of Honor: Embracing Ethics in Cybersecurity, by Paul J. Maurer and Ed Skoudis The Mysterious Case of Rudolf Diesel: Genius, Power, and Deception on the Eve of World War I, by Douglas Brunt The Cybersecurity Code (downloadable

Jul 30, 2024 • 55:05

Can You Really Tell if Something is Written by an AI?

Can You Really Tell if Something is Written by an AI?

On this episode, Perry gets to sit down with Jon Gillham. Jon is the founder and CEO of Originality.ai -- an AI content detection platform designed to help website owners, content marketers, writers and publishers hit 'publish' with integrity in the world of generative AI.In this interview, we get the lowdown on how AI content detection works, what it is good at, and where some of the current limits are.Guest:Jon Gillham (LinkedIn) (Twitter) (Website)Books and References: AI Content Detector Ac

Jul 9, 2024 • 49:51

Money Laundering 101: a chat with Investigative Journalist Geoff White

Money Laundering 101: a chat with Investigative Journalist Geoff White

On this episode, Perry gets to sit down with investigative journalist, author, and podcaster, Geoff White. They discuss Geoff's new book, "Rinsed: From Cartels to Crypto: How the Tech Industry Washes Money for the World's Deadliest Crooks", the state of global cybercrime, and (everybody's favorite topic) artificial intelligence. Guest: Geoff White (LinkedIn) (Twitter)Books and References: Rinsed: From Cartels to Crypto: How the Tech Industry Washes Money for the World's Deadliest Crooks, by Ge

Jun 4, 2024 • 51:37

Communicating Complex Topics with Creativity and Passion

Communicating Complex Topics with Creativity and Passion

In this episode, Perry sits down with award winning cybersecurity author, George Finney to discuss his recent book, Project Zero Trust. This is a broad discussion that hits on the concepts of Zero Trust, George's approach to writing the book, his passion for storytelling, and much more. Guest:George Finney (LinkedIn) (Website)Books and References: Project Zero Trust: A Story about a Strategy for Aligning Security and the Business, by George Finney Well Aware: Master the Nine Cybersecurity Hab

May 7, 2024 • 56:41

How Rachel Tobac Hacked Me

How Rachel Tobac Hacked Me

In this episode Perry Carpenter sits down with Rachel Tobac to debrief after her recent KB4-CON session, "How I'd Hack You Live" where she... well... hacked Perry live. Perry and Rachel explore how age-old deception techniques are being revamped for the digital age. The discussion spans the future of social engineering, the increasing role of AI in security, and a few other fun bits. Guest:Rachel Tobac (LinkedIn) (Twitter / X) (Website)Books and References (Books are Amazon Associate Links and

Apr 9, 2024 • 33:43

How AI Can Deceive and be Deceived

How AI Can Deceive and be Deceived

On this episode Perry sits down with Dr. Matthew Canham to explore ways in which AI can be weaponized against us, and how age old social engineering tactics can be used to trick large language models. Guest:Dr. Matthew Canham (LinkedIn) (Website)Books and References (Books are Amazon Associate Links and help support the show): Cognitive Security Institute YouTube Channel Cognitive Security Institute website YouTube video: BlackHat Presentation -- Me and My Evil Digital Twin: The Psychology of Hu

Mar 19, 2024 • 54:37

Frame the Future: The Art of Becoming a Futurist

Frame the Future: The Art of Becoming a Futurist

On this episode Perry sits down with Jeremy Treadwell, a people-first technologist and futurist, to get the lowdown on how a futurist approaches the world. Guest:Jeremy Treadwell (LinkedIn) (Twitter)Books and References (Books are Amazon Associate Links and help support the show): YouTube Video: What UX/UI Taught Me about Improving Security Awareness [SANS Security Awareness Summit 2022], Jeremy Treadwell YouTube Video: Reimagine the Future of Data, Privacy + Security with Technologist Jeremy Tr

Feb 27, 2024 • 39:47

How to Scam a Romance Scammer

How to Scam a Romance Scammer

Welcome to season 5 of 8th Layer Insights!To celebrate Valentine's Day, Perry sits down with Emmy winning reporter Kerry Tomlinson to talk about the time she turned the tables on a romance scammer. Guest:Kerry Tomlinson (LinkedIn) (Website) (YouTube)Books and References: YouTube video: Inside a romance scam: how to make a catfisher sing YouTube video: Scammers are stealing people's faces for live video calls National Cybersecurity Alliance : Online Romance and Dating Scams National Cybersecur

Feb 13, 2024 • 55:51

Artificial Intelligence: Insights & Oddities

Artificial Intelligence: Insights & Oddities

On this episode, Perry celebrates the one year birthday of ChatGPT by taking a look at AI from technological, philosophical, and folkloric perspectives. We see how AI was formed based on human words and works, and how it can now shape the future of human legend and belief.Guests: Brandon Karpf, Vice President at N2K Networks (LinkedIn) (Website) Dr. Lynne S. McNeill, Associate Professor at Utah State University (LinkedIn) (Twitter) Dr. John Laudun, Professor at University of Louisiana at Lafay

Nov 30, 2023 • 1:05:42

Technology and the Law of Unintended Consequences (Encore)

Technology and the Law of Unintended Consequences (Encore)

Let's face it. Most of us have a love/hate relationship with technology and technological advances. We dream about the new thing... but when it arrives, we are usually a little disappointed. Many of us also lament the constant erosion of privacy, the changes in social norms, and more. And, little-by-little, we allow those aspects of new technology to make us numb. We accept the cognitive dissonance of not totally being happy with the trade-offs; yet we still make the trade.In this episode, we ex

Oct 24, 2023 • 51:43

Cybersecurity First Principles w/Rick Howard

Cybersecurity First Principles w/Rick Howard

On today's show, Perry sits down with Rick Howard to discuss Rick's new book and the concept of "First Principles" as they apply in the domain of cybersecurity.Rick Howard is the CSO of N2K and the Chief Analyst, and Senior Fellow at the N2K Cyber, formerly CyberWire. His past lives include CSO at Palo Alto Networks, CISO at TASC, the GM at Verisign/iDefense, the Counterpane SOC Director, and the Commander of the Army's Computer Emergency Response Team (CERT). Rick served 25 years in the Army, t

Oct 10, 2023 • 40:42

OSINT, Curiosity, Creativity, & Career Pivots: A Conversation with Rae Baker

OSINT, Curiosity, Creativity, & Career Pivots: A Conversation with Rae Baker

If you’ve been listening to this show for a while, you’ll know that we’ve touched on the topic of Open Source Intelligence (otherwise known as OSINT) several times. It is an area of information security that penetration testing that’s been getting quite a bit of attention over the past several years. When you think about the digital world we live in, where we have a proliferation of personal, organizational, and governmental data on the internet...and the simple fact that data likes to leak…we c

Sep 26, 2023 • 33:50

Conversational Security Awareness: Putting Humanity into Your Human Risk Management Program

Conversational Security Awareness: Putting Humanity into Your Human Risk Management Program

Listen in as Perry Carpenter & Dr. Jessica Barker present their joint session, "Conversational Security Awareness" at the SANS Managing Human Risk Summit. ... and stay tuned after the presentation for a quick conversation between Perry, Jessica, and Lance Spitzner (SANS) as they discuss themes from this year's event.Guests: Dr. Jessica Barker (LinkedIn) (Twitter) Jeremy Treadwell (LinkedIn) (Twitter) Lance Spitzner (LinkedIn) (Twitter) Additional Resources: Jessica Barker's great blog post summa

Sep 12, 2023 • 56:49

Blending Awareness, Social Engineering, and Physical Penetration Testing -- A Conversation with Jayson E. Street

Blending Awareness, Social Engineering, and Physical Penetration Testing -- A Conversation with Jayson E. Street

On today's show, Perry sits down with Jayson E. Street to discuss his unique blend of social engineering, physical penetration testing, and security awareness. Jayson refers to this as being trained by a simulated adversary. At the heart of Jayson's method is intense boldness in his approach to social engineering and penetration testing coupled with an equally intense passion for helping his clients and their employees improve their overall security posture and mindsets. It's about education rat

Aug 29, 2023 • 1:06:09

How to Fool the White House (Encore)

How to Fool the White House (Encore)

Hey all! I'm at BlackHat and Defcon this week. If you're there, track me down. I'd love to meet you!This week's episode is an encore of one of my favorites. My interview with James Linton (a.k.a. The Email Prankster). In 2017, James went on a virtual joyride exploiting the ways that people interact with emails. One of the most interesting things about James' story is that his exploits didn't rely on any type of highly technical method(s); they were simple display name deceptions. But that didn't

Aug 8, 2023 • 1:05:21

We are the Champions

We are the Champions

There has been a lot of buzz for the past few years about the benefits and importance of establishing security champions programs. These are groups of people in your organization who become vital, responsible, and proactive contributing evangelists to the security culture of your organization. I often refer to them as "culture carriers." And, while there is general agreement that these are good programs to have, establishing them is currently a bit of a dark art.On today's show, Perry sits down

Jul 26, 2023 • 43:12

Something Wicked This Way Comes: PenTesting Your Environment w/Chad Peterson of NetSPI

Something Wicked This Way Comes: PenTesting Your Environment w/Chad Peterson of NetSPI

On this episode, Perry sits down with Chad Peterson, Managing Director at NetSPI, to discuss the importance of penetration testing. We touch on aspects of social engineering, discussing complex security issues with Boards of Directors, the prevalence of Ransomware, and some of the unique challenges facing the healthcare industry. Guest: Chad Peterson (LinkedIn) (Twitter) Books & References (Books are Amazon Associate links) CISO Desk Reference Guide: A Practical Guide for CISOs by Bill Bonne

Jun 20, 2023 • 45:25

Carrots, Sticks, and Culture: The Art and Science of Social Signaling

Carrots, Sticks, and Culture: The Art and Science of Social Signaling

On this episode, what cybersecurity professionals need to understand about how social signaling and incentives really work. Today's episode features a conversation with Uri Gneezy. In the field of cybersecurity, we are very interested in identifying proactive and positive ways to encourage the behavior we want. That's where Uri comes in. Uri is a well-known behavioral economist and professor of economics and strategy in the Rady School of Management at the University of California at San Diego.

Jun 6, 2023 • 45:59

Hacking the Paranormal -- a conversation with Banachek

Hacking the Paranormal -- a conversation with Banachek

In this episode, Perry Carpenter sits down with renowned mentalist and skeptic, Banachek. Banachek (Steve Shaw) grew up with a fascination in magic and a frustration with psychic frauds. As a teenager, he contacted magician and skeptic, James “The Amazing” Randi and ended up working with Randi on a special initiative known as Project Alpha, which set out to expose a general lack of objectivity in parapsychology research. Banachek served as the director for the James Randi Educational Foundation’

May 23, 2023 • 1:11:09

What Cybersecurity Pros can Learn from Star Wars

What Cybersecurity Pros can Learn from Star Wars

This week's episode is a late Star Wars ("May the 4th Be With You") celebration. We check out a couple interesting articles about security-related lessons embedded in the Star Wars movies, and Perry sits down with Adam Shostack, author of the new book, Threats: What Every Engineer Should Learn From Star Wars to discuss threat modeling principles using Star Wars related examples. Guest: Adam Shostack (LinkedIn) (Twitter) (Website) Books & References (Books are Amazon Associate links) Threats:

May 9, 2023 • 48:00

Postcards from the Intersection of Cybersecurity and Folklore

Postcards from the Intersection of Cybersecurity and Folklore

Welcome to season 4, episode 1 of 8th Layer Insights!On this episode, Perry speaks with Josiah Dykstra (Senior Fellow, Office of Innovation at the National Security Agency) about the new book he co-authored with Eugene Spafford and Leigh Metcalf. The book is titled Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us, This topic coincides well with Perry's recent studies into folklore and urban legends for his other podcast, Digital Folklore.Guests: J

Apr 25, 2023 • 45:30

Season 3 finale: What's the deal with Authentication, MFA, and Password Managers?

Season 3 finale: What's the deal with Authentication, MFA, and Password Managers?

For the last episode of season 3, I thought we'd talk about something that's been in the news quite a lot recently: Authentication and Password Managers. As security professionals, we've decried the password for decades. Multifactor authentication (MFA) has started to gain popularity... but not without its own issues. Security leaders and tech teams may have once again hoped for a silver bullet, only to be disappointed to find out that crafty attackers can easily bypass MFA. We've also

Jan 24, 2023 • 1:12:04

Quick announcement and sneak peek of my new show: Digital Folklore

Quick announcement and sneak peek of my new show: Digital Folklore

Hey all! An announcement and something special! First, the announcement: Here's your chance to participate in the final episode of 8Li season 3. If you’ve got a question or comment that you’d like me to try to answer or respond to, leave a voice message at https://www.speakpipe.com/8Li. Frankly, that would make it more engaging than if I just read your questions. But, if you aren’t able to record a message or don’t want your voice on the show, then you can email me your questions at perry@8thLay

Jan 10, 2023 • 14:20

Cybersecurity, Creativity, Leadership: a Conversation with Chris Cochran and Ron Eddings

Cybersecurity, Creativity, Leadership: a Conversation with Chris Cochran and Ron Eddings

On this episode, Perry speaks with Chris Cochran and Ron Eddings. Chris and Ron started the Hacker Valley Studio Podcast back in June of 2019 with the goal of exploring the human condition to inspire peak performance in cybersecurity. The podcast is about Chris and Ron’s quest to find inspirational stories and knowledge to elevate themselves and their communities. That podcast eventually kicked off a journey that led them to create their own podcast network (Hacker Valley Media), foster communit

Dec 27, 2022 • 47:09

Your Life, Their Profit: Buyer Awareness in the 21st Century

Your Life, Their Profit: Buyer Awareness in the 21st Century

On this episode, Perry sits down with Marta L. Tellado, President and CEO at Consumer Reports, to discuss the digital moment we are in and what that means for consumers and the marketplace: the risks, dangers, traps… and also the places and paths that can lead to progress. They also discuss Marta's new book, Buyer Aware: Harnessing Our Consumer Power for a Safe, Fair, and Transparent Marketplace.Guest:Marta L. Tellado (LinkedIn) (Twitter) (Website)Books and References: Fighting For a Fa

Dec 13, 2022 • 51:24

[Holiday Replay] The Battle for Truth: Disinformation, Misinformation, & Conspiracies

[Holiday Replay] The Battle for Truth: Disinformation, Misinformation, & Conspiracies

Get ready for those 'fun' holiday dinner conversations with friends and family. You know the ones... In the spirit of the holidays, I thought we'd revisit Season 1, Episode 2. This is an episode about the battle for truth. As disinformation, misinformation, malinformation, and conspiracy theories seem to be hitting epidemic levels, how can we help each other determine what is real and what is fake? How can we help people who are falling down conspiracy rabbit holes? And what roles do technology

Nov 29, 2022 • 1:04:52

Spycraft: A Behind the Curtain Look into the Intelligence Community

Spycraft: A Behind the Curtain Look into the Intelligence Community

There is something about a good spy story that seems to really resonate with people in the cybersecurity world. We love watching the moves and the counter moves, and the sneaking around, and the social engineering, and hacking, and all of the gadgets and toys, and car chases, and fights and double crosses and triple crosses. Yeah, you get the point. But how much of that is real and how much can be chalked up to an author's creative license? And what's life and work like for real people

Nov 15, 2022 • 51:40

8th Layer Insights and the Quest for Security Culture

8th Layer Insights and the Quest for Security Culture

For this week, we are revisiting a previous episode that first aired as Season 1 Episode 10. In this episode, we discuss the concept of security culture -- specifically, the difficulty that security leaders have in defining what a security culture actually is. Luckily, we can draw on learnings from organizational culture management and culture transformation experts.Guests for this episode include, David Sturt, Executive Vice President of the O.C. Tanner Institute, author of Great Work:

Nov 1, 2022 • 1:09:42

Social Engineering and Breaking into Stuff with Jenny Radcliffe

Social Engineering and Breaking into Stuff with Jenny Radcliffe

On this episode, Perry sits down with Jenny Radcliffe (a.k.a. The People Hacker). Jenny is a well-known speaker, podcaster, professional social engineer, and physical penetration tester… in other words, she’s a social engineer who specializes not only in tricking people into doing things they shouldn’t do… but she also specializes getting into places she shouldn’t be and finding things she shouldn’t be able to find. Her job is to embody the criminal mindset and use the skills of a crimi

Oct 18, 2022 • 36:21

Open Source Intelligence (OSINT): The Data We Leak

Open Source Intelligence (OSINT): The Data We Leak

Over the past few years, there's been a lot of talk about the value of understanding Open Source Intelligence (OSINT). But, even with so much talk, relatively few cybersecurity professionals have had the time to take a deep dive into the topic. In this episode, Perry sits down with social engineer, OSINT investigator, and member of the OSINT Curious project, Christina Lekati to get an overview of the value of OSINT as well as some basic techniques. After that, we hear from Chris Kirsch

Oct 4, 2022 • 47:28

The Secrets to Consistently Creating Great Content

The Secrets to Consistently Creating Great Content

In this episode, Perry talks about the value of storytelling and provides 7 tips for anyone who faces the fear associated with staring at a blank screen, wondering how they can begin to create fresh content. This is adapted from a presentation Perry recently gave at the 2022 SANS Security Awareness Summit.Books & Resources: Overview of "The Iron Triangle" Visual Summary of Perry's SANS Security Awareness Summit presentation YouTube Video: You are not a storyteller - Stefan Sagmeiste

Sep 20, 2022 • 45:24

If It's Smart, It's Vulnerable: a Conversation with Mikko Hyppönen

If It's Smart, It's Vulnerable: a Conversation with Mikko Hyppönen

In this episode, Perry sits down with Mikko Hyppönen for a wide ranging discussion about the history, current state, and future of cybersecurity. We also discuss Mikko's new book, the title of which is derived from Hyppönen's Law: If It's Smart, It's Vulnerable.Guest:Mikko Hyppönen (LinkedIn) (Twitter) (Web)Books & Resources: If It's Smart, It's Vulnerable, by Mikko Hyppönen Mikko's TED Talks Daemon, by Daniel Suarez Internet of Things and data placement, by Dell Technologies Tr

Sep 6, 2022 • 49:22

Finding Your Path: Mid-Career Moves into Cybersecurity

Finding Your Path: Mid-Career Moves into Cybersecurity

This is a follow-up to Season 2, episode 4 –Bridging the Cyber Skills Gap. Many listeners contacted me saying that they loved the episode, but wished that I’d put more focus on people trying to find a career in cybersecurity later in life. So, consider this episode a Bridging the Cyber Skills Gap Part 2.We’ll hear the stories of several people who’ve come to cybersecurity a bit later in life. This episode features interviews with Alethe Denis, Tracy Z. Maleeff (a.k.a. InfoSec Sherpa), P

Aug 23, 2022 • 45:30

Cyber Mindfulness

Cyber Mindfulness

You've probably been hearing the term 'mindfulness' a lot these days. And for good reason. We humans seem to be busier and more stressed out than ever before, and mindfulness practices seem to offer positive benefit. But how does mindfulness intersect with cybersecurity? What practices can we learn and promote to decrease human risk in our organizations and live safer digital lives?In this episode, we explore the topic of cyber mindfulness. And to do so, we'll be hearing from Anna Colla

Aug 9, 2022 • 47:19

Lockpicking, Physical Penetration Testing, and More with Deviant Ollam

Lockpicking, Physical Penetration Testing, and More with Deviant Ollam

On this bonus episode, Perry sits down with physical penetration tester, lock picking guru, and Board Member of The Open Organization of Lockpickers (TOOOL), Deviant Ollam. They discuss lockpicking, physical penetration testing, locksport, and the ethics of teaching these skills.Guest:Deviant Ollam (Twitter) (YouTube) (Website)Books & Resources: 8th Layer Insights S2E8: Fun and Games: Lock Picking, Capture the Flag Contests, Simulations, and More Lockpicking Resources from Deviant

Jun 22, 2022 • 26:38

The Lazarus Heist: Investigative Journalism, Podcasting, and North Korean Hacking (with Geoff White)

The Lazarus Heist: Investigative Journalism, Podcasting, and North Korean Hacking (with Geoff White)

On this bonus episode, Perry sits down with investigative journalist, speaker, podcaster, and author, Geoff White to talk about his path into investigative journalism, podcasting, and his new book, "The Lazarus Heist: From Hollywood to High Finance: Inside North Korea's Global Cyber War."Guest:Geoff White (LinkedIn) (Twitter) (Website)Books & Podcasts: Lazarus Heist Book Lazarus Heist Podcast Crime Dot Com: From Viruses to Vote Rigging, How Hacking Went Global Transformational Secu

Jun 7, 2022 • 44:53

An Announcement, a Request, and How You Can Win Some $$$

An Announcement, a Request, and How You Can Win Some $$$

Please take the listener survey--->>> https://www.surveymonkey.com/r/8LI_Survey

May 17, 2022 • 4:57

An Interview with a Password

An Interview with a Password

If you could interview a password, what questions would you ask?Today, May 5th, 2022 is World Password Day. World Password Day was first established in 2013 and is celebrated each year on the 1st Thursday in May. To celebrate, I thought it would be fun to share an excerpt of a previous episode ("Security is Alive") where I interviewed multiple security-related objects. This clip is my interview with Dave the Password.Stick around after the interview for a few password-related tips and b

May 5, 2022 • 13:25

Creativity for Non-Creatives

Creativity for Non-Creatives

Creativity can be a scary topic for technologists. Most of us haven't been trained in the art and science of creativity and so they either feel out of their depth when called on to create content. But it doesn't have to be that way. In this episode, Perry sits down with New York Times bestselling author, Michelle Richmond, Audible bestselling author Rob Dircks, and two critically acclaimed cybersecurity podcasters, Ran Levi (creator and host of the Malicious Life podcast) and David Spar

May 3, 2022 • 1:12:42

The Next Evolution of Security Awareness

The Next Evolution of Security Awareness

"Security Awareness" is a slippery topic for a lot of people. It's a well known phrase -- and, let's face it, it's a phrase that can be very misleading. In this episode, Perry sits down with Dr. Jessica Barker (author and co-CEO at Cygenta), Cassie Clark (Security Awareness Lead Engineer at Brex), John Scott (Head of Security Education at Bank of England), and Lance Spitzner (Director, SANS Institute: Founder, Honeynet Project) to discuss what is currently being done well and, more impo

Apr 19, 2022 • 50:20

Why Are We So Bad At Risk?

Why Are We So Bad At Risk?

Risk is a funny thing – our minds are constantly looking for risk, scanning our environments and our available choices. And sometimes we do a great job at anticipating and avoiding risky situations. But that doesn’t mean that we are universally good at dealing with risk. In fact, we can be downright appalling at considering and avoiding risk. In this episode, we explore the concept of risk, why we're so bad at understanding it, and the steps we can take to improve. Perry speaks with four risk ex

Apr 4, 2022 • 53:47

Fun and Games: Lock Picking, Capture the Flag Contests, Simulations, and More

Fun and Games: Lock Picking, Capture the Flag Contests, Simulations, and More

What images come to mind when you see or hear the word 'Cybersecurity?' That word probably evokes mental images of people hunched over keyboards launching cyberattacks at each other. Or maybe you picture someone picking a lock or stealing a badge to slip into a building. In other words, most people picture the battle... or what some might think of as "the fun parts." But, here's the thing. Not everyone gets to participate in these aspects of cybersecurity and, in many cases, finding saf

Mar 22, 2022 • 1:02:22

World's Greatest Con – A Conversation with Brian Brushwood

World's Greatest Con – A Conversation with Brian Brushwood

If you love learning about cons, scams, and tricks, then this is the episode for you. Listen as Perry sits down with Brian Brushwood, someone who has made understanding and teaching scams and tricks his life's work. Brian is the creator of Scam School, Scam Nation, Hacking the System, Modern Rogue, and more. For the past 20 years, he's toured around the world teaching and demonstrating everything from side show stunts, to sleight-of-hand magic, to the intricacies of con artistry. Brian’s new pod

Mar 8, 2022 • 1:06:51

Security is Alive

Security is Alive

Every now and then you need to try something new. That's what this episode is. If you listened to Season 2, Episode 3 (Technology and the Law of Unintended Consequences), you may remember the mock interview with Janet, the virtual assistant. This episode expands that idea and features a set of four mock interviews -- all with security-related object. This is an interesting experiment to help flesh-out some ideas behind these objects, the reasons they exist, their motivations, and the si

Feb 22, 2022 • 49:01

How to Fool The White House -- A conversation with James Linton (aka The Email Prankster)

How to Fool The White House -- A conversation with James Linton (aka The Email Prankster)

On this episode, Perry sits down with James Linton (formerly known as The Email Prankster). In 2017, James went on a virtual joyride exploiting the ways that people interact with emails. One of the most interesting things about James' story is that his exploits didn't rely on any type of highly technical method(s); they were simple display name deceptions. But that didn't stop him from fooling CEOs from some of the worlds largest banks, celebrities, and high ranking staff members in the White Ho

Feb 8, 2022 • 1:06:00

Bridging the Cyber Skills Gap

Bridging the Cyber Skills Gap

If you've been following the cybersecurity industry for the past few years, you've likely heard about the "cyber skills gap." In this episode, Perry sits down with Heath Adams (TCM Security), Professor Karla Carter (Bellevue University), Sam Curry (Cybereason), and Lola Obamehinti (eBay) to explore what the skills gap is and how to begin to close the gap. We touch on subjects such as where traditional degrees, online training, certifications, mentorship, and networking fit in, as well a

Jan 25, 2022 • 49:58

Technology & the Law of Unintended Consequences

Technology & the Law of Unintended Consequences

Let's face it. Most of us have a love/hate relationship with technology and technological advances. We dream about the new thing... but when it arrives, we are usually a little disappointed. Many of us also lament the constant erosion of privacy, the changes in social norms, and more. And, little-by-little, we allow those aspects of new technology to make us numb. We accept the cognitive dissonance of not totally being happy with the trade-offs; yet we still make the trade.In this episo

Jan 11, 2022 • 53:04

You're Listening to "The Dark Stream"

You're Listening to "The Dark Stream"

And now for something completely different. This episode is a show within a show. Get ready to step into The Dark Stream: it's a parody of one of those old late night paranormal, conspiracy, or confession call-in radio shows from the 1980's and 90's. And, yes, it's over-the-top and cheesy. In this episode, you'll hear some re-edited and never before aired sections from Perry's previous interviews with Rachel Tobac, Maxie Reynolds, and Chris Hadnagy. Guests: Rachael Tobac: (LinkedIn), CEO of So

Dec 28, 2021 • 46:17

Igniting and Sustaining Creativity

Igniting and Sustaining Creativity

This episode is all about creativity: what it is, what it looks like, and what to do when you get stuck. Perry speaks with four experts who have made creating new and interesting things their life's work. Featuring Jack Rhysider (Creator/host of Darknet Diaries), Faith McQuinn (creator of Boom, Margaritas & Doughnuts, and Apollyon), Tom Buck (YouTuber and content creator), and Sam Qurashi (Exploring the Psychology of Everything).Guests: Jack Rhysider Faith McQuinn Tom Buck Sam Quras

Dec 14, 2021 • 59:19

Security ABCs Part 2: 8th Layer Insights and the Quest for Security Culture

Security ABCs Part 2: 8th Layer Insights and the Quest for Security Culture

This is the second of a two part series covering Cybersecurity’s ABCs: Security Awareness, Behavior, and Culture. This episode discusses the difficulty that security leaders have in defining what a security culture actually is. Luckily, we can draw on learnings from organizational culture management and culture transformation experts.Guests for this episode include, David Sturt, Executive Vice President of the O.C. Tanner Institute, author of Great Work: How to Make a Difference People

Sep 28, 2021 • 1:08:22

Security ABCs Part 1: Make Awareness Transformational

Security ABCs Part 1: Make Awareness Transformational

This is the first of a two part series covering Cybersecurity’s ABCs: Security Awareness, Behavior, and Culture. We touched on facets of Awareness in Episode 1 and Behavior in Episode 3. These two episodes cover the cybersecurity ABCs in a very pragmatic way, with this episode covering Awareness and Behavior and Episode 10 providing a deep dive into Culture.Guests for this episode include, Dr. Jessica Barker (co-CEO and Co-Founder, Socio-Technical Lead at Cygenta; author of Confident Cy

Sep 14, 2021 • 55:14

The Risk Episode: Black Swans, Grey Rhinos, Angels & Demons

The Risk Episode: Black Swans, Grey Rhinos, Angels & Demons

Risk is a funny thing – our minds are constantly looking for risk, scanning our environments and our available choices. And sometimes we do a great job at anticipating and avoiding risky situations. But that doesn’t mean that we are universally good at dealing with risk. In fact, we can be downright appalling at considering and avoiding risk.In this episode, we explore the concept of risk, why we're so bad at understanding it, and the steps we can take to improve. Perry speaks with four

Aug 31, 2021 • 52:40

Going Mental: A Conversation with Banachek

Going Mental: A Conversation with Banachek

In this episode, Perry Carpenter sits down with renowned mentalist and skeptic, Banachek. Banachek (Steve Shaw) grew up with a fascination in magic and a frustration with psychic frauds. As a teenager, he contacted magician and skeptic, James “The Amazing” Randi and ended up working with Randi on a special initiative known as Project Alpha, which set out to expose a general lack of objectivity in parapsychology research. Banachek served as the director for the James Randi Educational Fo

Aug 17, 2021 • 1:11:25

Embrace an Attacker Mindset to Improve Security

Embrace an Attacker Mindset to Improve Security

Have you ever taken time to view the world through the eyes of an attacker? Doing so is an interesting and useful exercise. Understanding the mind of an attacker is fundamental to securing your organization or aspects of your personal life. After all, if you aren't doing the job of viewing things from an attacker's perspective, that means that only the attackers are. The idea is to understand the mindset, motivations, and capabilities of a possible threat actor so that you aren’t simply

Aug 3, 2021 • 1:03:59

Going Meta: A Conversation and AMA with Bruce Schneier

Going Meta: A Conversation and AMA with Bruce Schneier

In this episode, Perry Carpenter interviews cybersecurity guru Bruce Schneier. Perry and Bruce explore how cybersecurity is about so much more than technology — It’s about people, so we benefit by taking a multidisciplinary approach. In preparing for this interview, Perry solicited his LinkedIn network to see what questions people had for Bruce. This is a wide ranging conversation covering everything from Bruce’s thoughts on cybersecurity’s “first principles” to the impact that the pand

Jul 20, 2021 • 54:18

Deceptionology 101: Introduction to the Dark Arts

Deceptionology 101: Introduction to the Dark Arts

Have you ever noticed how fundamental deception is to the human condition? Deception and forms of social engineering have been with us since the beginning of recorded history. And yet, it seems like we are just as vulnerable to it as ever. But now the stakes are higher because technology allows social engineers to deceive at scale.This episode explores the psychology of deception, provides a foundation for understanding social engineering, offers a few mental models for exploration and

Jul 6, 2021 • 1:01:27

This is BS!

This is BS!

Ever wrestled with the fact that people often make horrible security decisions even though their employers have security awareness programs in place? It's often because we assume that being aware of something should naturally result in better behavior. Well... that's not the case. This episode takes a deep dive into the knowledge-intention-behavior gap where we are confronted with three realities of security awareness. And those realities lead us to the realization that we need to focus

Jun 22, 2021 • 1:08:43

The Battle for Truth: Disinformation, Misinformation, & Conspiracies

The Battle for Truth: Disinformation, Misinformation, & Conspiracies

This is an episode about the battle for truth. As disinformation, misinformation, malinformation, and conspiracy theories seem to be hitting epidemic levels, how can we help each other determine what is real and what is fake? How can we help people who are falling down conspiracy rabbit holes? And what roles do technology companies, governments, and ordinary citizens play? Perry Carpenter speaks with acclaimed cybersecurity expert, Bruce Schneier, disinformation experts, Samantha North and Allie

Jun 8, 2021 • 1:03:52

Unleashing Trojan Horses for the Mind

Unleashing Trojan Horses for the Mind

This episode explores the concept of “Trojan Horses for the Mind.” There are four Trojan Horses. They are: emotion, sound, visuals, and words/story. Using these Trojan Horses will help us increase the signal to noise ratio in our communications, bypass mental defenses, and embed messages within the minds of our audiences.To explore the concepts related to this, Perry speaks with voice actor, writer, and producer, Rob McCollum; author, marketer, and storytelling expert Joe Lazauskas; and

May 25, 2021 • 52:38

Introducing 8th Layer Insights

Introducing 8th Layer Insights

Coming May 25, 2021. Get ready for a deep dive into what cybersecurity professionals often refer to as the "8th Layer" of security: HUMANS. This podcast is a multidisciplinary exploration into how the complexities of human nature affect security, risk, and life. Author, security researcher, and behavior science enthusiast Perry Carpenter taps experts for their insights and illumination. Topics include cybersecurity, psychology, behavior science, communication, leadership, and more.

May 4, 2021 • 4:34

A Pre-Series Interview with Perry Carpenter

A Pre-Series Interview with Perry Carpenter

In this pre-series episode, we speak to Perry Carpenter (the host of 8th Layer Insights) about his vision for the show, what we should expect, and why the world needs yet another security podcast.

Mar 19, 2021 • 9:34

The Preview Episode!

The Preview Episode!

Hey! Welcome to 8th Layer Insights, the podcast dedicated to bringing focus to the human side of tech and cybersecurity. This is a quick "getting to know you" preview so that you have an idea of what's to come.8th Layer Insights is all about the intersection between technology and humanity. Join Perry Carpenter (author of, "Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors") and a host of other hooligans as they dis

Feb 26, 2021 • 4:18

Switch to the Fountain App